Problem:
Product: BSS 4.5
Platform: All
Component: Security
What is the relationship between "java.security.cert.X509Certificate" and "com.inprise.security.CORBASec.X509Cert" classes?
What is the easiest way to convert between them?
Resolution:
The "com.inprise.security.CORBAsec.X509Cert" has no direct relationship with "java.security.cert.Certificate". BSS45 don't use "java.security.cert.Certificate" because it still need to support jdk1.1.x.
The following information is about the conversion:
Since there is no direct relationship between these two classes, you can't cast it directly. What can be done is going to the raw byte level, and constructing the "java.security.cert.Certificate" from scratch:
// Suppose you have a com.inprise.securiy.CORBAsec.X509Cert object already
X509Cert mycert = ... // maybe got from peerCertificate...
// Step 1: got the DER bytes from the cert
byte [] derCert = mycert.getDER();
// Step 2: construct ByteArrayInputStream
java.io.ByteArrayInputStream bais = new java.io.ByteArrayInputStream(derCert);
// Step 3: Get CertificateFactory
java.security.cert.CertificateFactory factory = java.security.cert.CertificateFactory.getInstance("X.509");
// Step 4: Generate java cert using factory
java.security.cert.Certificate java_cert = factory.generateCertificate(bais);
Conversely, you can also convert from "java.security.cert.Certificate" to "com.inprise.security.CORBAsec.X509Cert". Of course, you can't construct a X509Cert on the fly, as it is an interface. But in the module requiring X509Cert, e.g. setPKprincipal() in SecurityCurrent, you can do the following:
// Supposed you have java.security.cert.Certificate
java.security.cert.Certificate [] java_cert_chain = ...
byte [][] derCert = new byte [java_cert_chain.length][];
for (int i = 0; i <java_cert_chain.length; i ) {
derCert = java_cert_chain .getEncoded();
}
current.setPKprincipal(derCert, privateKey, "...");
#VisiBroker
#certificate
#Security
